The Intelligence Community has never taken a one-cloud approach to its IT modernization and consolidation effort known as ICITE.
The IC IT Enterprise is well known for being the first federal organization to use a commercial cloud provider — Amazon Web Services — to host and process data up to the classified level. But the National Security Agency also has been providing a government-only cloud to the intelligence community for many years.
Insight by Ciena: Federal IT executives provide insight into the future of their networks in this exclusive executive briefing.
John Sherman, the Intelligence Community’s chief information officer, wants to clear up any confusion about the recent award to Microsoft to add the Azure cloud into the ICITE mix.
He said while AWS maintains the elastic cloud computing capability for the IC through the current Commercial Cloud Services (C2S) contract, the needs of the community required Sherman’s office to look for alternatives, particularly for Office 365 and other software-as-a-service options.
“After recent Windows iterations here, we were under the impression that there would not be any more [Office] offerings like they used to do,” Sherman said in an exclusive interview on Ask the CIO. “We would have access to Azure for some types of cognitive services and so on. This is complementary to the broader arrows in our quiver with a very big arrow being what we have with C2S. We are excited about what Microsoft products and services we can leverage, and O365 is a real coin of the realm capability that all 17 agencies need and this was almost a no-brainer for us to leverage it this way and have a software-as-a-service capability like this.”
Sherman, who became the IC CIO in September after spending time at the CIA and the National Geospatial Intelligence Agency, didn’t directly address the Defense Department’s JEDI cloud effort as it relates to being modeled after the intelligence community’s ICITE initiative.
But he was quick to point out NSA’s government cloud, used mainly for data analysis and processing, has been a part of ICITE since its beginning in 2012 and along with AWS, the IC was never a one-cloud shop.
After Microsoft announced that the intelligence community awarded it and Dell a Joint Enterprise Licensing Agreement in May, questions emerged around what this means for the DoD effort, and if it strengthens Microsoft’s hand around JEDI.
“This new agreement provides the IC with a vehicle for accessing the latest Microsoft technologies to further empower its agencies, optimize operations and modernize infrastructure,” Toni Townes-Whitley, Microsoft corporate vice president for industry, wrote in a blog post.
From the IC’s perspective, the inclusion of Microsoft Azure is just another piece to the broader puzzle that is ICITE.
“One of the things I’ve got clear guidance on is we will always be looking for new technologies, new industry capabilities on cloud computing,” Sherman said. “One of the priorities we have in the IC is to move to artificial intelligence and machine learning, and this cloud computing foundation is absolutely critical in getting us there.”
Sherman said the IC is moving more and more workloads to the C2S cloud as the community becomes more comfortable with these capabilities.
“What makes sense for elastic cloud compute, for things that are spiky and fit that cost model, leverage that suite of capabilities that Amazon has for us on the different security fabrics as compared to what the IC GovCloud could do,” he said. “I see that as the very high horse-powered engine, massive amounts of data to do sense making and data correlation at a whole different scale and level.”
He said Amazon, the NSA GovCloud and now Microsoft will let the community move at greater speed with greater certainty of outcomes so the executives and operators can get to decisions faster.
“There are some eye-watering things we are doing on counter terrorism, on following state and non-state actors who mean to do this country harm and to be able to stay ahead of this in a way that when I, for example, two decades ago was looking at satellite imagery would have to feed this into a very manual process,” Sherman said. “We are at a very different place now to have to stay ahead of the reams of data that come in from all the different intelligence collectors.”
With the growing options to use the cloud, Sherman said his office is looking at the IC’s overall cloud strategy, and will continue to look for new capabilities.
“It has to be an open approach. We cannot get into vendor lock-in specifics on how the capabilities are not able to talk to each other. I’m not willing to spend a ton of money on middleware to make the clouds work with one another,” he said. “My offer to industry is that we will be looking at options, but I will not be doing it in a way that goes against the entire principles of ICITE that stovepipes or segregates our data and our ability to work. That’s a little bit of my charge to industry, make it easier for us.”
The decision to add Microsoft’s Azure cloud is part what many know as the second epoch of ICITE, with a particular focus on improving the common desktop initiative.
Initially, the IC wanted to develop a single desktop for the entire community, which includes email and collaboration software. But Sherman found during his initial few months on the job that the current approach no longer made sense.
“We learned that the integration of a one-size fits all solution to all 17 agencies was not going to be feasible,” he said. “We had to move away from this common desktop to more of a reference architecture federated model. When ICITE started, it was a ‘do in common what is commonly done’ efficiencies effort. We still strive for efficiencies. But it really is about mission outcomes and not trying to homogenize things to the 17 agencies that have very unique and independent missions.”
After several IC leaders said this common desktop approach was more complex than initially imagined and could potentially break mission critical apps, Sherman went to the Hill and his bosses in the Office of the Director of National Intelligence for approval to move in a different direction.
Sherman said the goal now is a managed federation based on a reference architecture that outlines a minimum set of standards that focuses on buy before build.
“We are still committed to the goals of the common desktop. There are three: interoperability among the agencies, increased security and mobility, where you can go to another agency and log on to the desktop,” he said. “We are still committed to get to the same outcomes by 2020 or so, which we would have with the desktop roll out.”
He said a new division in his office, called architecture and innovation, will develop the reference architecture in a cross-IC approach.
“Where we are taking this modernization in the second epoch, probably one of the most important pieces that will be one of my issues to focus on during my tenure will be on the data piece,” Sherman said. “Working closely with our chief data officer, with the communities of CDOs to make it real. We talk about ‘tag the person, tag the data.’ Data has been an IC asset, but we have to make it absolutely so now. What we’ve done with the ‘bottom of the stack,’ the cloud, the network and other foundational pieces, as we move up the stack, now we have to make that piece work.”